What is SSL?
SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted link between a web server and a browser. It protects sensitive data between a server and a client. It used to transfer encrypted and safe information between a user and a website. As Web developers and website owners, we are responsible for providing a safe web experience for all of our users. Also having SSL on website is a positive search engine ranking signal.
Some website owners and developers don’t need an SSL Certificate as they are not selling anything and only offering information. But SSL encryption will prevent man in the middle attacks, which is a serious security issue when working online.man in the middle attacks, which is a serious security issue when working online.
We can take advantage of free SSL offered by Let’s Encrypt it offers domain validated SSL certificates
What is Let’s Encrypt?
Let’s Encrypt is a free, automated, and open certificate authority (CA), run for the public’s benefit by the Internet Security Research Group (ISRG). It makes it possible to obtain browser-trusted certificates for your domains at no cost that renew automatically.
Anyone who has gone through the trouble of setting up a secure website knows what a hassle getting and maintaining a certificate can be. Let’s Encrypt automates away the pain and lets site operators turn on and manage HTTPS with simple commands. Using Let’s Encrypt is free, so there is no need to arrange payment.
If you’d like to know more about how Let’s Encrypt works behind the scenes, check out our how it works page.
Here I will show you how to add Free SSL in WordPress site with Let’s Encrypt in Bluehost. Also the process is almost same for other hosting services such as Hostgator and godaddy. To install Let’s encrypt SSL in site ground visit https://www.siteground.com/tutorials/cpanel/lets-encrypt.htm.
How to Add Free SSL in WordPress with Let’s Encrypt in Bluehost
Install and Active the plugin WP Encrypt
After plugin activation you will find a new admin page in the Settings menu where you can register, generate, renew and revoke certificates for your WordPress site. In a Multisite, this menu is not located in the regular admin, but in the network admin, and it will work for all sites in the network. On the admin page you will find a help tab on top which provides further information on how to get started.
for more info see plugin’s FAQ page
Now follow the steps:
Step 1: Generate a Private Key
Login to cPanel
Click on SSL/TLS Manager in the Security section
Click on Generate, view, upload, or delete your private keys under Private Keys (KEY)
Set the Key Size to 2,048 bits
You can leave the Description blank
Click on Generate
That’s it. You’ve generated the KEY for the SSL
Step 2: Generate a Public Key (Certificate Signing Request)
Click on Return to SSL Manager
Click on Generate, view, or delete SSL certificate signing requests under Certificate Signing Requests (CSR)
Select the Key you’ve generated
Enter your domain name for which you’d like to install SSL
Note – If you’d like to install the certificate for www.yourdomain.com, enter the www.yourdomain.com in this field and not just yourdomain.com
Fill in your company details along with the email address
Set a random alphanumeric Passphrase (For example – abc123)
You can leave the Description blank
Click on Generate
Copy & Paste the Encoded Certificate Signing Request into a notepad file
That’s it. You generated the CSR for the SSL
Step 3: Upload the Certificate
Click on Return to SSL Manager
Click on Generate, view, upload, or delete SSL certificates under Certificates (CRT)
Copy and paste the body of the certificate
(The certificate file placed in a subdirectory in /letsencrypt/live/your_domain_name/cert.pem)
You can leave the Description blank
Click on Save Certificate
Just a few more steps to go.
Step 4: Installing the Certificate
Click on Return to SSL Manager
Click on Manage SSL sites under Install and Manage SSL for your site (HTTPS)
Select your domain name from the drop down for which you’ve uploaded the certificate
Fill Private Key: (KEY) (copy and past fom private.pem) and Certificate (CRT) (copy and past fom cert.pem) and click on “auto fill”
(private.pem and cert.pem are stored in a subdirectory in /letsencrypt/live/your_domain_name/)
Click on Install Certificate
Click on OK
Step 5: Updating WordPress Website URLs
After setting up the SSL certificate, the next step is to move your WordPress URL from HTTP to HTTPS.
Generally normal sites use HTTP protocol When secure sites use HTTPS protocol.
The Address of Secure site with SSL look like this: https://yourdomain.com or https://www.yourdomain.com
If your website is brand new, then just go to your WordPress admin area and click on settings.
There you will need to update the WordPress URL and Site URL fields to use https.
Don’t forget to save your changes.
If your site has been live for a while, then it can be indexed by search engines. Other sites and bookmarks may have linked to it using http in the URL. So You need to redirect your traffic to the https URL. You can install and activate the Really Simple SSL or wp force SSL plugin.
If you have Google Analytics installed on your site, don’t forget to update your new url there with https.
That’s all done, If you have any further question and need my help, Please ask me via comment. If you liked this article, Please share it on social media.
The post Add Free SSL in WordPress with Let’s Encrypt in Bluehost appeared first on Wasim Sama.
